- 11 2月, 2014 4 次提交
-
-
由 Travis Cross 提交于
Some OSes like linux provide a mechanism for sending TCP keepalive pings. Sofia provides its own mechanism for doing this in userspace. We shouldn't conflate these two mechanisms. FS-6104
-
由 Travis Cross 提交于
This separates out the Linux socket TCP keepalive timeout interval from Sofia's internal mechanisms. Earlier we tied these together. In retrospect this seems improper. These two values can now be set separately. You might, for example, want to keep the Sofia internal mechanism disabled completely while enabling the platform-based mechanism if your platform supports it. We also here reform the default value of the socket TCP keepalive parameter to 30 seconds. This is what commit a0e9639a should have been. FS-6104
-
由 Travis Cross 提交于
-
由 Travis Cross 提交于
Sofia keeps the TCP keepalive timeout in milliseconds, but Linux expects the value in seconds. Before this change, it's unlikely the TCP_KEEPIDLE and TCP_KEEPINTVL calls were having much effect as we would have been passing them a huge value. FS-6104
-
- 10 2月, 2014 4 次提交
-
-
由 Anthony Minessale 提交于
FS-6128 FS-6200 --resolve allocating the sofia_private on the nua_handle seems to lead to memory corruption, changing it back to malloc as done in the version before the regression
-
由 Anthony Minessale 提交于
-
由 Chris Rienzo 提交于
-
由 Jeff Lenk 提交于
-
- 09 2月, 2014 8 次提交
-
-
由 Travis Cross 提交于
-
由 Travis Cross 提交于
-
由 Travis Cross 提交于
-
由 Travis Cross 提交于
-
由 Jeff Lenk 提交于
-
由 Jeff Lenk 提交于
-
由 Peter Olsson 提交于
-
由 Peter Olsson 提交于
-
- 08 2月, 2014 5 次提交
-
-
由 Anthony Minessale 提交于
-
由 Anthony Minessale 提交于
-
由 Steve Underwood 提交于
-
由 Steve Underwood 提交于
-
由 Steve Underwood 提交于
-
- 07 2月, 2014 3 次提交
-
-
由 Brian West 提交于
-
由 Anthony Minessale 提交于
-
由 Anthony Minessale 提交于
-
- 06 2月, 2014 14 次提交
-
-
由 Anthony Minessale 提交于
-
由 Chris Rienzo 提交于
-
由 Anthony Minessale 提交于
-
由 Anthony Minessale 提交于
FS-6197 --resolve the line numbers in the trace do not match the version you reported make sure you know what version you are using
-
由 Travis Cross 提交于
-
由 Travis Cross 提交于
This adds support for the ephemeral elliptic curve Diffie-Hellman key exchange, which provides for forward secrecy in the event that long-term keys are compromised. For the moment, we've hard-coded the curve as prime256v1.
-
由 Brian West 提交于
-
由 Travis Cross 提交于
This adds a parameter tls-ciphers in which we can specify the TLS cipher suite specification for OpenSSL.
-
由 Travis Cross 提交于
Previously there was no way to override the hard-coded cipher suite specification of "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH". This commit does leave in place the hardcoded cipher spec for WebRTC of "HIGH:!DSS:!aNULL@STRENGTH".
-
由 Chris Rienzo 提交于
-
由 Chris Rienzo 提交于
-
由 Travis Cross 提交于
-
由 Travis Cross 提交于
Previously if tls-version was set to tlsv1 we supported only TLSv1, but if it was set to sslv23 we supported all versions of TLS. This was a weird incorrectly documented behavior that we hope no one was relying on. Now we can pass a comma-separated list of TLS/SSL versions that we would like to support in tls-version. FS-5839 --resolve
-
由 Travis Cross 提交于
Previously if the TPTAG_TLS_VERSION was set to a non-zero value we supported only TLSv1 (but not TLSv1.1 or TLSv1.2), and if was set to zero we supported all versions of TLS and SSL (including the ridiculous SSLv2). Now we take an integer field where various bits can be set indicating which versions of TLS we would like to support.
-
- 05 2月, 2014 2 次提交
-
-
由 Chris Rienzo 提交于
-
由 Chris Rienzo 提交于
-
